I just found some informations about "possible sql injection" in latest VirtueMart (2.0.2).
So yes, it is true. ;) But I'm not the author of 'public' ;D So I asked myt self how it was happened... ;]
Why I decide to write this here. I found this vulnerability in 5.04 this year, and now I saw that someone is public it (the same) at 6.04 ;)
So that's why I want to share with You a full detailed technical information about this "possibility".
(...)
Anyway, beside SQL-i, in VM there are some kind of other vulnerabilities. I'm talking about information disclosure bugs.
If user submit a 'wrong url' then (because of wrong validation) he can get /path/to/your/virtuemart.
This information can be usable to other (extend) attacks.
This is my first post here, so if I found an 'add image' option, I will paste it some screens.
Cheers! ;)
Jakub"
Details below:
1. Attacker can get information from database.
2. Some information disclosure bugs:
(2.1 "Brute" input)
And output:
3. SQL Injection *tmp* screens:
And last screen for "when did I found it":
Cheers! ;)
No comments:
Post a Comment
What do You think...?